Assessing Network Vulnerabilities (VULN–221)
This is a closed class. It requires a contract. On-site for 22 people.
Days: 5 Days Labs: Yes –Local Cyber Range
Type of Course: Advanced Security / Technical
Prerequisites: Packet Analysis with Wireshark & Nmap
About this course: Maps to NICE Protect and Defend category and the specialty area of Vulnerability Assessment and Management. Network Vulnerability Assessment involves conducting assessments of threats and vulnerabilities from a network focus only and recommends appropriate mitigations in operational and non-operational situations.
Goals: Identify, analyze, and mitigate threats to internal IT systems or networks.
Topics: Exploits, vulnerability scans, securing networks, servers and workstations, packet and network attacks, assess risk to enterprise from specific network vulnerabilities, network security architecture, topology, protocols, components, network protocols, and directory services, network access, identity, access management and how traffic flows across the network, network analysis tools, vulnerability assessments, penetration testing, classes of attacks, mimicking threat behaviors, general attack stages, mapping threats to vulnerabilities, preparing audit reports and performing damage assessments. Covers topics of ARTEP relating to Team: Hunt.
Methods of instruction: There are 8 different possible exercises that can be used in a module. Some examples include: threats and controls, case studies, risk analysis practice, and reading review. Technical labs will require basic skills in operating systems and virtualization. As soon as students become too comfortable, the instructor will switch methods.
Students are expected to have basic experience in the areas of networking and DoD Cybersecurity as well as knowledge of related Cybersecurity policies and procedures. Course support DISA responsibilities in DoD Cybersecurity Discipline Implementation Plan, DoD I 8551.01, the STIG’s and NIST SP800-53. The course covers topics in NICCS / NICE and ARTEP.